Hello!. We got a 30mb SDSL connection with 500+ clients behind it. Some is using mutch bandwith for bittorrent, and other bandwith consuming things I been locking at dedicated traffic shaping boxes, but they come at a high cost. Anybody know ift here is any easy to manage traffic shaping software for linux. Wil a powerful linux box be enough for this network?, or wil it just slow everything down?. Well, if enybody got experience with this, or know links to how to`s etc I`m very interested. Thank you in advance.
I think you can do this with iptables. If you want to limit bandwidth for Apache, have a look here: http://www.howtoforge.com/mod_cband_apache2_bandwidth_quota_throttling
SDSL Traffic Shaping Hello Hagforce. I'm facing the same problem, although to a much smaller scale. I've made a script that really improves the performance on my SDSL link, but I really don't know if this is the right way to do it. I am no iptables guru, I just know that this works for me. Maybe you can use this as a guide on how to set up something similar? This is the shellscript I run on my linux based firewall/router: #!/bin/sh set_ipt () { ## Set up base tables for interfaces. iptables -t mangle -F POSTROUTING for DEVICE in eth0 eth1; do # Check if the table is defined. iptables -t mangle -n -L SH${DEVICE}-OUT > /dev/null 2>&1 if [ $? != 0 ]; then # No. Create the table. iptables -t mangle -N SH${DEVICE}-OUT else # Yes. Empty the table. iptables -t mangle -F SH${DEVICE}-OUT fi iptables -t mangle -I POSTROUTING -o ${DEVICE} -j SH${DEVICE}-OUT done } ## Bandwidth to limit to. ## Should be approx. 10-15% lower than max bandwidth on the link. ## (This is in kilobit) MAINRATE=1900 for DEVICE in eth0 eth1; do # Set up basequeues on the interfaces and change queuelenght. ifconfig $DEVICE txqueuelen 100 tc qdisc del dev $DEVICE root sfq perturb 10 >/dev/null 2>&1 tc qdisc del dev $DEVICE root >/dev/null 2>&1 # If the script was started with the stop parameter, # let's stop here. This will result in all traffic # shaping to be turned off. if [ "$1" = "stop" ]; then continue; fi # Add HTB root queue discipline. tc qdisc add dev ${DEVICE} root handle 1: htb default 22 # Add main limit class. tc class add dev ${DEVICE} parent 1: classid 1:1 htb rate ${MAINRATE}kbit # Set up classes. tc class add dev ${DEVICE} parent 1:1 classid 1:20 htb rate $(($MAINRATE/4))kbit ceil ${MAINRATE}kbit prio 0 tc class add dev ${DEVICE} parent 1:1 classid 1:21 htb rate $(($MAINRATE/4))kbit ceil ${MAINRATE}kbit prio 1 tc class add dev ${DEVICE} parent 1:1 classid 1:22 htb rate $(($MAINRATE/4))kbit ceil ${MAINRATE}kbit prio 2 tc class add dev ${DEVICE} parent 1:1 classid 1:23 htb rate $(($MAINRATE/4))kbit ceil ${MAINRATE}kbit prio 3 # Queues for wach class. tc qdisc add dev ${DEVICE} parent 1:20 handle 20: sfq perturb 10 tc qdisc add dev ${DEVICE} parent 1:21 handle 21: sfq perturb 10 tc qdisc add dev ${DEVICE} parent 1:22 handle 22: sfq perturb 10 tc qdisc add dev ${DEVICE} parent 1:23 handle 23: sfq perturb 10 # Limit traffic to the classes based on tagging from iptables. tc filter add dev ${DEVICE} parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20 tc filter add dev ${DEVICE} parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21 tc filter add dev ${DEVICE} parent 1:0 prio 0 protocol ip handle 22 fw flowid 1:22 tc filter add dev ${DEVICE} parent 1:0 prio 0 protocol ip handle 23 fw flowid 1:23 set_ipt iptables -t mangle -A SH${DEVICE}-OUT -p tcp -m length --length :64 -j MARK --set-mark 20 # Small packages iptables -t mangle -A SH${DEVICE}-OUT -p udp -j MARK --set-mark 20 # UDP packages # iptables -t mangle -A SH${DEVICE}-OUT -p icmp -j MARK --set-mark 21 # ICMP packages (ping) iptables -t mangle -A SH${DEVICE}-OUT -p tcp --sport 22 -j MARK --set-mark 20 # SSH # iptables -t mangle -A SH${DEVICE}-OUT -p tcp --sport 23 -j MARK --set-mark 21 # TELNET iptables -t mangle -A SH${DEVICE}-OUT -p tcp --sport 21 -j MARK --set-mark 21 # FTP Control done ## END ##